Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ci3vFVJFugIgTERjsbcQW0EGJoU.roa
File: Ci3vFVJFugIgTERjsbcQW0EGJoU.roa (raw, json)
Hash identifier: Vg/ul4di7kxjoeGIkcQxSmVLkURlUulUpqa0kg9WnCE=
Subject key identifier: 0A:2D:EF:15:52:45:BA:02:20:4C:44:63:B1:B7:10:5B:41:06:26:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ci3vFVJFugIgTERjsbcQW0EGJoU.roa
Signing time: Tue 16 Apr 2024 08:22:57 +0000
ROA not before: Tue 16 Apr 2024 08:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16850 (0x41d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 08:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0A2DEF155245BA02204C4463B1B7105B41062685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:09:d5:e3:6d:14:d3:61:cc:9d:33:dc:fa:
42:46:ed:54:4f:c9:7a:39:84:04:ec:69:da:62:a4:
79:d8:79:8d:53:32:ea:71:bf:98:df:55:8b:43:61:
6a:ea:0f:ab:a2:66:8c:6b:b9:ac:64:31:15:7e:57:
79:b1:ef:01:8d:1e:ff:fa:db:1d:22:e9:74:6b:8e:
3b:25:ae:72:5d:6c:b9:79:b5:b5:21:89:f5:0c:6f:
f0:63:3b:37:0b:36:93:27:6b:df:b0:3a:20:d6:58:
3b:ab:e7:46:08:07:9c:d9:5b:33:ca:76:b4:2e:7a:
d2:e4:03:33:da:92:3a:99:6b:f3:d0:c4:56:0b:fc:
08:71:ab:e1:6f:22:0c:01:2b:1e:e4:52:d2:b2:18:
a7:f4:40:f3:60:7b:0d:36:5d:64:53:f2:85:ea:c9:
f6:59:05:ca:e9:d1:83:ad:48:4f:a7:bd:e1:18:28:
f9:8f:0c:a2:56:da:ce:f2:71:76:0b:be:f2:d1:73:
34:81:c6:a1:4a:00:bd:12:9e:45:33:3e:a0:0b:2f:
e4:e9:41:d1:a3:a9:77:f0:34:2a:42:c6:bc:f7:d7:
76:be:b0:b7:93:35:38:42:be:97:3e:21:b0:40:16:
b5:c0:f4:0d:1f:82:50:f9:24:71:17:13:58:1d:4c:
97:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2D:EF:15:52:45:BA:02:20:4C:44:63:B1:B7:10:5B:41:06:26:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ci3vFVJFugIgTERjsbcQW0EGJoU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:56:a5:eb:bb:9d:e4:26:08:ab:cc:76:35:5f:47:5a:82:c3:
d3:08:7c:46:3b:39:25:21:d1:0c:2b:60:b4:ef:ef:64:12:eb:
0d:05:68:98:69:3c:37:8d:c1:91:fd:0e:67:96:bb:5b:4f:bc:
7a:4e:5a:34:88:7e:8c:67:7a:6e:59:3c:b4:0c:79:c4:89:54:
4c:7d:82:3f:f3:05:56:e5:aa:77:3b:94:91:39:32:38:67:a4:
88:e2:f1:aa:5b:bf:78:d0:ef:22:2f:36:23:1f:f8:a6:b7:b9:
4b:be:ba:e9:72:ba:73:0c:57:fc:52:70:70:8c:57:e6:9a:d5:
f3:dc:c7:05:15:f3:c0:03:a3:eb:1b:da:0f:ab:64:7c:28:5c:
cb:4f:db:2e:1a:5e:3c:f9:2b:ba:a2:53:ab:87:f9:32:2d:77:
74:bc:c2:99:e0:9d:4b:fb:4a:9c:ac:96:42:58:99:fa:c0:68:
08:ac:78:b0:ab:49:b1:64:24:a1:d8:93:8f:c5:8d:be:1e:7d:
00:0b:8b:09:78:b3:15:b0:56:d8:32:dd:2e:ed:7f:0f:b4:0c:
05:d7:30:5a:3e:5c:95:06:98:ab:9e:52:21:a0:62:68:e7:98:
9a:50:29:a3:d0:1c:51:7e:64:04:25:be:34:13:77:3d:67:5d:
c4:1c:31:19
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
ODIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBMkRFRjE1NTI0NUJB
MDIyMDRDNDQ2M0IxQjcxMDVCNDEwNjI2ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0hQnV420U02HMnTPc+kJG7VRPyXo5hATsadpipHnYeY1TMupx
v5jfVYtDYWrqD6uiZoxruaxkMRV+V3mx7wGNHv/62x0i6XRrjjslrnJdbLl5tbUh
ifUMb/BjOzcLNpMna9+wOiDWWDur50YIB5zZWzPKdrQuetLkAzPakjqZa/PQxFYL
/Ahxq+FvIgwBKx7kUtKyGKf0QPNgew02XWRT8oXqyfZZBcrp0YOtSE+nveEYKPmP
DKJW2s7ycXYLvvLRczSBxqFKAL0SnkUzPqALL+TpQdGjqXfwNCpCxrz313a+sLeT
NThCvpc+IbBAFrXA9A0fglD5JHEXE1gdTJclAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCi3vFVJFugIgTERjsbcQW0EGJoUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NpM3ZGVkpGdWdJZ1RF
UmpzYmNRVzBFR0pvVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAIFal67ud5CYIq8x2NV9HWoLD0wh8Rjs5
JSHRDCtgtO/vZBLrDQVomGk8N43Bkf0OZ5a7W0+8ek5aNIh+jGd6blk8tAx5xIlU
TH2CP/MFVuWqdzuUkTkyOGekiOLxqlu/eNDvIi82Ix/4pre5S7666XK6cwxX/FJw
cIxX5prV89zHBRXzwAOj6xvaD6tkfChcy0/bLhpePPkruqJTq4f5Mi13dLzCmeCd
S/tKnKyWQliZ+sBoCKx4sKtJsWQkodiTj8WNvh59AAuLCXizFbBW2DLdLu1/D7QM
BdcwWj5clQaYq55SIaBiaOeYmlApo9AcUX5kBCW+NBN3PWddxBwxGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org